In a secure environment, which authentication mechanism performs better?




A. RADIUS because it encrypts client/server passwords.

B. TACACS+ because it encrypts client/server negotiation dialogs.

C. TACACS+ because it is a remote access authentication service.

D. RADIUS because it is a remote access authentication service.




Answer: B

What is the primary purpose of network address translation (NAT)?




A. To hide the public network from internal hosts
B. To convert IP addresses into domain names
C. To cache web pages
D. To hide internal hosts from the public network


Answer: D

A Uniform Resource Locator (URL) is a type of Uniform Resource Identifier (URI) that specifies where an identified resource is available. When a user attempts to go to a website, she notices the URL has changed. Which attack is the most likely cause of the problem?




A. Denial of service
B. ARP poisoning
C. DNS poisoning
D. DLL injection



Answer: C

The IT director asks you to create a solution to protect your network from Internet-based attacks. The solution should include pre-admission security checks and automated remediation and should also integrate with existing network infrastructure devices. Which of the following solutions should you implement?




A. NAC
B. NAT
C. VLAN
D. Subnetting



Answer: A

Your manager has asked you to run cables for your network through a boiler room where there is a furnace and air conditioning equipment. These devices are known to cause interference. Which of the following types of cabling will have the best chance of preventing interference when working in this area?




A. UTP
B. Fiber optic
C. STP
D. Coaxial



Answer: B

One of your users complains that files are being randomly renamed and deleted. The last action the user took was to download and install a new screensaver on the computer. The user says that the file activity started immediately after installation of the screensaver. Which of the following would be the best description for this screensaver?




A. Trojan horse
B. Logic bomb
C. Virus
D. Worm



Answer: A

You want to make sure that the most recent hotfixes have been applied to a Windows server, and you want to minimize the effort necessary to maintain this solution. What is the best way to accomplish this?




A. Enable Windows automatic updates.
B. Install a third-party patch management system.
C. Install a security template.
D. Install the latest service pack.




Answer: A

The IT director asks you to verify that the organization's virtualization technology is implemented securely. What should you take into consideration?




A. Verify that virtual machines are multihomed.
B. Perform penetration testing on virtual machines.
C. Subnet the network so that each virtual machine is on a different network segment.
D. Verify that virtual machines have the latest service packs and patches installed.





Answer: D

You are the network administrator for your organization and are in charge of many servers, including one web server. Which of the following is the best way to reduce vulnerabilities on your web server?




A. Enable auditing and review log files.
B. Block DNS on port 80.
C. Apply updates and patches.
D. Use a 24/7 packet sniffer.


Answer: C

Which of the following statements best defines a computer virus?




A. It is a find mechanism, initiation mechanism, and can propagate.

B. It is a search mechanism, connection mechanism, and can integrate.

C. It is a learning mechanism, contamination mechanism, and can exploit.

D. It is a replication mechanism, activation mechanism, and has an objective.




Answer: D

You are the network security administrator for your organization. You recently audited a server and found that a user logged in to the server with a regular account, executed a program, and performed activities that should be available only to an administrator. What type of attack does this describe?




A. Privilege escalation
B. Backdoor
C. Trojan horse
D. Brute force



Answer: A

One of your database servers is mission-critical. You cannot afford any downtime. What is the best item to implement to ensure minimal downtime of the server and ensure fault tolerance of the data stored on the database server?




A. UPS
B. RAID
C. Redundant server
D. Spare parts




Answer: B

You are designing the environmental controls for a server room that contains several servers and other network devices. What role will an HVAC system play in this environment? (Select the two best answers.)




A. Shield equipment from EMI.
B. Provide isolation in case of a fire.
C. Provide an appropriate ambient temperature.
D. Maintain appropriate humidity levels.
E. Vent fumes from the server room.



Answer: C

In this scenario, your organization and a sister organization use multiple certificate authorities (CAs). Which component of PKI is necessary for one CA to know whether to accept or reject certificates from another CA?




A. CRL
B. Key escrow
C. RA
D. Recovery agent




Answer: C

What is secret key encryption also called?




A. Asymmetrical encryption
B. One-way function
C. Symmetrical encryption
D. Quantum encryption




Answer: C

You look through some graphic files and discover that confidential information has been encoded into the files. These files are being sent to a sister company outside your organization. What is this an example of?




A. Confidentiality
B. Cryptography
C. Digital signature
D. Steganography




Answer: D

You suspect that files are being illegitimately copied to an external location. The file server that the files are stored on does not have logging enabled. Which log should you access to find out more about the files that are being copied illegitimately?




A. DNS logs
B. Firewall log
C. Antivirus log
D. System log





Answer: B

Again, you perform risk assessment for your organization. What should you do during the impact assessment?





A. Determine actions that can be taken to mitigate any potential threat.
B. Determine how likely it is that a threat might actually occur.
C. Determine the potential monetary costs related to a threat.
D. Determine how well the organization is prepared to manage the threat.


Answer: C

You review the system logs for your organization's firewall and see that an implicit deny is within the ACL. Which is an example of an implicit deny?




A. An access control list is a secure way of moving traffic from one network to another.
B. Implicit deny will deny all traffic from one network to another.
C. Items not specifically given access are denied by default.
D. Everything will be denied because of the implicit deny.




Answer: C

Your organization asks you to design a web-based application. It wants you to design the application so that it runs under a security context that allows only those privileges required for the application to run to minimize risk if an attack occurs. Which of the following security concepts does this describe?




A. Implicit deny
B. Mandatory access control
C. Separation of duties
D. Principle of least privilege





Answer: D

You have been commissioned by a customer to implement a network access control model that limits remote users' network usage to normal business hours only. You create one policy that applies to all the remote users. What access control model are you implementing?




A. Role-based access control
B. Mandatory access control
C. Discretionary access control
D. Rule-based access control



Answer: A

Which one of the following attacks misuses the Transmission Control Protocol three-way handshake process in an attempt to overload network servers so that authorized users are denied access to network resources?





A. SYN attack
B. Man-in-the-middle attack
C. Teardrop attack
D. Smurf attack




Answer: A

Which of the following attacks is best described as an attacker capturing part of a communication, and then later sending some or all of that communication to a server while pretending to be the original client?




A. Replay attack
B. TCP/IP hijacking
C. Backdoor
D. Man-in-the-middle attack




Answer: A

Which of the following services uses port 49?




A. File Transfer Protocol
B. Post Office Protocol version 3
C. Terminal Access Controller Access-Control System Plus
D. Domain Name System




Answer: C

Which of the following characterizations best suits the term Java applet?




A. Java applets include a digital signature.
B. Java applets allow for customized controls and icons.
C. Java applets need to have virtual machine web browser support.
D. Java applets are the same as ActiveX controls.



Answer: C

You are the network security administrator for your organization. You are in charge of deploying 50 new computers on the network. Which of the following should be completed first?




A. Apply a baseline configuration.
B. Install operating system updates.
C. Install the latest spyware.
D. Install a spreadsheet program.




Answer: A

A hacker develops a piece of malicious code. It is not designed to automatically spread from one system to another. Instead, it is designed to spread from one file to another file on the individual computer. What type of malware is this?




A. Worm
B. Trojan
C. Botnet
D. Virus




Answer: D

Malware can use virtualization techniques. Why would this be difficult to detect?




A. A portion of the malware might have already been removed by an IDS.

B. The malware might be using a Trojan.

C. The malware could be running at a more privileged level than the computer's antivirus software.

D. The malware might be running in the command-line.




Answer: C

Your company uses instant messaging between the central office and satellite offices. What is the most important security issue that you need to deal with when it comes to instant messaging?




A. Different instant messaging programs have no common protocol.

B. Instant messaging has no or weak encryption.

C. Instant messaging can adversely affect Internet bandwidth.

D. Instant messaging program sessions are open and unprotected.



Answer: D

Which of the following best describes a backdoor?




A. Code inserted into software that initiates one of several types of functions when specific criteria are met

B. Computer programs used to bypass normal authentication or other security mechanisms in place

C. A platonic extra added to an operating system

D. A group of compromised computers



Answer: B